Re: [dns-privacy] [Ext] Possible use case: Opportunistic encryption for recursive to authoritative
Paul Hoffman <paul.hoffman@icann.org> Sat, 08 August 2020 23:40 UTC
Return-Path: <paul.hoffman@icann.org>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0AFE63A0A7E for <dns-privacy@ietfa.amsl.com>; Sat, 8 Aug 2020 16:40:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bMbjkRRnDesw for <dns-privacy@ietfa.amsl.com>; Sat, 8 Aug 2020 16:39:59 -0700 (PDT)
Received: from ppa2.lax.icann.org (ppa2.lax.icann.org [192.0.33.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B478E3A044A for <dns-privacy@ietf.org>; Sat, 8 Aug 2020 16:39:59 -0700 (PDT)
Received: from MBX112-W2-CO-1.pexch112.icann.org (out.mail.icann.org [64.78.33.5]) by ppa2.lax.icann.org (8.16.0.42/8.16.0.42) with ESMTPS id 078NdwkI031230 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <dns-privacy@ietf.org>; Sat, 8 Aug 2020 23:39:58 GMT
Received: from MBX112-W2-CO-1.pexch112.icann.org (10.226.41.128) by MBX112-W2-CO-2.pexch112.icann.org (10.226.41.130) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.595.3; Sat, 8 Aug 2020 16:39:57 -0700
Received: from MBX112-W2-CO-1.pexch112.icann.org ([10.226.41.128]) by MBX112-W2-CO-1.pexch112.icann.org ([10.226.41.128]) with mapi id 15.02.0595.003; Sat, 8 Aug 2020 16:39:57 -0700
From: Paul Hoffman <paul.hoffman@icann.org>
To: DNS Privacy Working Group <dns-privacy@ietf.org>
Thread-Topic: [Ext] [dns-privacy] Possible use case: Opportunistic encryption for recursive to authoritative
Thread-Index: AQHWbd05c8BcxsiTF0elLKt5MXugSQ==
Date: Sat, 08 Aug 2020 23:39:57 +0000
Message-ID: <5E86BDE4-9A91-4565-8D2E-68F21404F08F@icann.org>
References: <3BA75997-3DE4-4DF5-B1F5-C57DBC423288@icann.org> <17f6e4fd-e545-267f-f29e-01d5fb57d017@innovationslab.net> <9856A472-1148-429A-844E-D561A1C808EB@develooper.com> <20200808220939.5D78891DC2E@fafnir.remote.dragon.net>
In-Reply-To: <20200808220939.5D78891DC2E@fafnir.remote.dragon.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [192.0.32.234]
x-source-routing-agent: Processed
Content-Type: multipart/signed; boundary="Apple-Mail=_993329C2-970E-4F25-9804-A494330DE85D"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-08-08_15:2020-08-06, 2020-08-08 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/Pkv0DfJigSHKdbLNpGQ8L69CISo>
Subject: Re: [dns-privacy] [Ext] Possible use case: Opportunistic encryption for recursive to authoritative
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Aug 2020 23:40:01 -0000
Sorry to break in, but what does the question of number of anycast auth servers have to do with this use case? Or did y'all mean to start this as a thread for draft-ietf-dprive-phase2-requirements, in which it could be relevant? --Paul Hoffman
- [dns-privacy] Possible use case: Opportunistic en… Paul Hoffman
- Re: [dns-privacy] Possible use case: Opportunisti… Ben Schwartz
- Re: [dns-privacy] [Ext] Possible use case: Opport… Paul Hoffman
- Re: [dns-privacy] Possible use case: Opportunisti… John R. Levine
- Re: [dns-privacy] Possible use case: Opportunisti… Tim Wicinski
- Re: [dns-privacy] Possible use case: Opportunisti… Puneet Sood
- Re: [dns-privacy] Possible use case: Opportunisti… Rob Sayre
- Re: [dns-privacy] Possible use case: Opportunisti… Puneet Sood
- Re: [dns-privacy] Possible use case: Opportunisti… Rob Sayre
- Re: [dns-privacy] Possible use case: Opportunisti… Manu Bretelle
- Re: [dns-privacy] Possible use case: Opportunisti… John Levine
- Re: [dns-privacy] Possible use case: Opportunisti… Rob Sayre
- Re: [dns-privacy] Possible use case: Opportunisti… Paul Wouters
- Re: [dns-privacy] Possible use case: Opportunisti… Brian Haberman
- Re: [dns-privacy] Possible use case: Opportunisti… Ask Bjørn Hansen
- Re: [dns-privacy] Possible use case: Opportunisti… Paul Ebersman
- Re: [dns-privacy] [Ext] Possible use case: Opport… Paul Hoffman
- Re: [dns-privacy] Possible use case: Opportunisti… Peter van Dijk
- Re: [dns-privacy] Possible use case: Opportunisti… Peter van Dijk
- Re: [dns-privacy] [Ext] Possible use case: Opport… Brian Haberman
- Re: [dns-privacy] Possible use case: Opportunisti… Tony Finch
- Re: [dns-privacy] Possible use case: Opportunisti… Paul Wouters
- [dns-privacy] TLSA for secure resolver-auth trans… Peter van Dijk
- Re: [dns-privacy] Possible use case: Opportunisti… Vladimír Čunát
- Re: [dns-privacy] [Ext] Possible use case: Opport… Paul Hoffman
- Re: [dns-privacy] TLSA for secure resolver-auth t… Ilari Liusvaara
- Re: [dns-privacy] TLSA for secure resolver-auth t… Paul Wouters
- Re: [dns-privacy] [Ext] TLSA for secure resolver-… Paul Hoffman
- Re: [dns-privacy] TLSA for secure resolver-auth t… Vladimír Čunát
- Re: [dns-privacy] TLSA for secure resolver-auth t… Paul Wouters
- Re: [dns-privacy] Possible use case: Opportunisti… Viktor Dukhovni
- Re: [dns-privacy] TLSA for secure resolver-auth t… Peter van Dijk